A vulnerability marked as critical has been reported in Totolink A3300R 17.0.0cu.557_B20221024 . The affected element is an unknown function of the file /cgi-bin/cstecgi.cgi . This manipulation of the argument stunMaxAlive causes command injection. This vulnerability is tracked as CVE-2026-31178 . The attack is possible to be carried out remotely. No exploit exists.